aboutsummaryrefslogtreecommitdiffstats
path: root/secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3
diff options
context:
space:
mode:
Diffstat (limited to 'secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3')
-rw-r--r--secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.323
1 files changed, 13 insertions, 10 deletions
diff --git a/secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 b/secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3
index 81161d929fc0..c2e8da979487 100644
--- a/secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3
+++ b/secure/lib/libcrypto/man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.40)
+.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.40)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "SSL_CTX_SET_TLSEXT_TICKET_KEY_CB 3"
-.TH SSL_CTX_SET_TLSEXT_TICKET_KEY_CB 3 "2020-04-21" "1.1.1g" "OpenSSL"
+.TH SSL_CTX_SET_TLSEXT_TICKET_KEY_CB 3 "2020-09-22" "1.1.1h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -262,6 +262,8 @@ Reference Implementation:
\& unsigned char *iv, EVP_CIPHER_CTX *ctx,
\& HMAC_CTX *hctx, int enc)
\& {
+\& your_type_t *key; /* something that you need to implement */
+\&
\& if (enc) { /* create new session */
\& if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) <= 0)
\& return \-1; /* insufficient random */
@@ -280,21 +282,22 @@ Reference Implementation:
\& }
\& memcpy(key_name, key\->name, 16);
\&
-\& EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key\->aes_key, iv);
-\& HMAC_Init_ex(&hctx, key\->hmac_key, 16, EVP_sha256(), NULL);
+\& EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key\->aes_key, iv);
+\& HMAC_Init_ex(&hctx, key\->hmac_key, 32, EVP_sha256(), NULL);
\&
\& return 1;
\&
\& } else { /* retrieve session */
-\& key = findkey(name);
+\& time_t t = time(NULL);
+\& key = findkey(key_name); /* something that you need to implement */
\&
-\& if (key == NULL || key\->expire < now())
+\& if (key == NULL || key\->expire < t)
\& return 0;
\&
-\& HMAC_Init_ex(&hctx, key\->hmac_key, 16, EVP_sha256(), NULL);
-\& EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key\->aes_key, iv);
+\& HMAC_Init_ex(&hctx, key\->hmac_key, 32, EVP_sha256(), NULL);
+\& EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key\->aes_key, iv);
\&
-\& if (key\->expire < now() \- RENEW_TIME) {
+\& if (key\->expire < t \- RENEW_TIME) { /* RENEW_TIME: implement */
\& /*
\& * return 2 \- This session will get a new ticket even though the
\& * current one is still valid.
@@ -315,7 +318,7 @@ Reference Implementation:
\&\fBSSL_CTX_set_session_id_context\fR\|(3),
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
-Copyright 2014\-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2014\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy